Bypass Firewalls By Dns History: Firewall bypass script based on DNS history records. This script will search for DNS A history records and check if the server replies for that domain. Handy for bug bounty hunters.
Stacoan: StaCoAn is a cross-platform tool which aids developers, bug bounty hunters and ethical hackers performing static code analysis on mobile applications.
Domained: Multi Tool Subdomain Enumeration
Security whitepapers: Collection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi
Subover: A Powerful Subdomain Takeover Tool
Assessment Mindset: Security Mindmap that could be useful for the infosec community when doing pentest, bug bounty or red-team assessments.
Xspear: Powerful XSS Scanning and Parameter analysis tool & gem
Favfreak: Making Favicon.ico based Recon Great again!
Redcloud: Automated Red Team Infrastructure deployment using Docker
Payloadsallthethings: A list of useful payloads and bypasses for Web Application Security and Pentest/CTF
Bigbountyrecon: BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
Learn365: This repo is about @harshbothra_'s 365 days of learning Tweet & Mindmap collection
Security Tools: Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.
Dictionary Of Pentesting: Dictionary collection project such as Pentesting, Fuzzing, Bruteforce and BugBounty. A dictionary collection project for penetration testing, SRC vulnerability hunting, brute forcing, fuzzing and more.
Hosthunter: HostHunter is a recon tool for discovering hostnames using OSINT techniques.
Metabigor: Intelligence tool but without API key
Top25 Parameter: For basic research, the top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙
Dnsgen: Generates combinations of domain names from the provided input.
Watchdog: Watchdog - A Comprehensive Security Scanning and Vulnerability Management Tool.
Bugbountyguide: Bug Bounty Guide is a launchpad for bug bounty programs and bug bounty hunters.
Bxss: bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.
Offensive Docker: Offensive Docker is an image with the most commonly used offensive tools, for quickly and easily creating an environment to launch assessments against targets.
Findom Xss: A fast DOM based XSS vulnerability scanner with simplicity.
Hetty: Hetty is an HTTP toolkit for security research.
Sonarsearch: A MongoDB importer and API for Project Sonar's DNS datasets
Go Dork: The fastest dork scanner written in Go.
H2csmuggler: HTTP Request Smuggling over HTTP/2 Cleartext (h2c)
Jsfscan.sh: Automation for JavaScript recon in bug bounty.
Subzy: Subdomain takeover vulnerability checker
Osmedeus: Fully automated offensive security framework for reconnaissance and vulnerability scanning
Lazyrecon: An automated approach to performing recon for bug bounty hunting and penetration testing.
Cloudscraper: CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.
Recon My Way: This repository was created for personal use, with tools added from my latest blog post.
Megplus: Automated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]
Project Black: Pentest/BugBounty progress control with scanning modules
Commix: Automated All-in-One OS Command Injection Exploitation Tool.
Rengine: reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…
WDIR: Good resources about web security that I have read.
Priest: Extract server and IP address information from Browser SSRF
sub404: A Python tool to check for subdomain takeover vulnerabilities
JWTweak: Detects the algorithm of the input JWT token and provides options to generate a new JWT token based on the user-selected algorithm.
reFlutter: Flutter Reverse Engineering Framework
PandorasBox: Security tool to quickly audit Public Box files and folders.
swiss-bugbounty-programs: List of bug bounty and coordinated vulnerability disclosure programs of companies/organisations in Switzerland